Online Checkup: Why Cyberethics Matter More Than You Think

When we go to the dentist for our semi-annual checkup and teeth cleaning, we typically get asked a series of questions about recent patterns of personal behavior. Perhaps its time for instituting a regular cyber check-up?

When we go to the dentist for our semi-annual checkup and teeth cleaning, we typically get asked a series of questions about recent patterns of personal behavior. After a few moments of small talk about the weather and traffic, my dental hygienist (abbreviated hereafter in this blog as DH) always jumps straight to the point:

DH – “Been brushing?”

Dan – “Yes!” (with confidence)

DH – “Flossing?”

Dan – (This time softer, with a sheepish frown and a bit of fear) “More often than before…”

DH – “How often?”

Dan – “Well… two or three times a week?” (I’m asking myself: why I’m afraid of these questions…)

Does the scenario at the dentist’s office sound familiar? (Hopefully, you floss more than I do.)

If not, perhaps you can relate better to a regular physical at your doctor’s office. After the nurse gets your weight, pulse, blood pressure, temperature, etc, the doctor typically asks a series of questions about your diet and whether you’re getting enough exercise. Of course, good doctors are trying to go deeper than just today’s numbers on the chart and look at overall health trends. Adjustments are required when the pattern is leading in troublesome directions.

Perhaps it’s time for instituting a regular cyber check-up? No, I’m not talking about running diagnostics on your car or placing chips in your brain.

I’m talking about a regularly-scheduled, honest, open discussion about online life at home and work.

You may be thinking: Sure, I get the significance of the dentist’s and the doctor’s office check-up, but why is this online-life check-up so important? What issues need to be discussed? How does this impact business and government security? What’s at stake for my family and career?

This is the first in a series of three blogs on the personal and professional impacts of cyberethics. I'm starting with the scope of the challenges we face at home and work. Next, I'll be describing some current difficult “staff-oriented” security situations that government and business enterprises must address. Finally, I will conclude with a blog offering some potential solutions and hurdles to overcome moving forward.

Along the way, I will use a few excerpts from my book Virtual Integrity: Faithfully Navigating the Brave New Web. While the book was published in 2008, most of the online problems, trends and ethical challenges described have only increased in the past four years with the explosion in use of social media sites and mobile computing. The majority of Internet predictions made have already taken place (faster than I thought), and many blog readers are now always-connected to the Net. I believe that children and adults need regularly refreshed cyberethics educational lessons, motivating challenges and even occasional reminders. In short, our shortage of online trust will only get worse unless these trends are reversed.

Topics in Cyberethics: Almost Everything Online Is Included

Back in 2008, The Carnegie Institute held a forum entitled: Cyberethics: The Emerging Codes of Online Conduct. The expert speakers included Michael Getler, Rita J. King, Alex Koppelman and Steve Clemons. The cyberethics discussion mainly focused on online news and ethical issues in media, and yet the topics ranged from our identity to using anonymity, from online news to the future of newspapers, from citizen journalism to “unaccountable” blogs, from information overload to policing truth and from Second Life (virtual worlds) to political campaigns.

And yet, cyberethics factor into almost every policy and rule that government enterprises implement at the local, state and federal levels. Sure, improved awareness training is vital, but as I have repeated in several interviews, "Darth Vader was well trained."

The intentions of employees may be good, but what is actually happening on the ground (on the networks?) How are staff truly behaving and how are policies being enforced? For a partial range of potential issues at home and in the office, see this table entitled: "Cyber Conduct - Personal Consequences lead to Societal and Criminal Impact." This table was first published on page 86 of Virtual Integrity.

The truth is that the cyberethics and online activities of the workforce is a pivotal, foundational issue for every business and government organization. The often discussed “insider threat issue” pertains to not only internal “expert hackers” or professional bad guys trying to steal money and/or intellectual property, but all employees need to take notice. Each of us plays a role in defending the enterprise from cyber attacks, stopping malware (not clicking on bad links) as well as avoiding potential costly legal issues such as e-discovery wild goose chases, plagiarism claims and copyright violations.

Your Future Is At Stake

In addition, what I think most people miss is that their own family and career is at stake. In a worst-case scenario, I have seen staff lose their jobs, families divided, marriages torn apart or even people go to jail over ethical violations online. More often, online actions of personnel can cause problems for security teams, weaken the enterprise, cause a security breach or hurt someone’s reputation or their chances for promotion.

But just as important as avoiding these negative consequences and staying out of newspaper headlines, I am starting to see online behaviors and the need for a regular cyber check-up as more and more like our dental or doctor’s office check-up. Yes, the wrong diet or lack of exercise or not flossing my teeth has negative ramifications in life. And the right diet and exercise and flossing can also strengthen overall health and enable positive things in the future.

Just as my friends who run marathons tell me that they “feel it” later when they miss training days, I think we each feel it if/when we are engaged in ethical violations online – no matter how small. The individual and the enterprise will eventually suffer in some way. If the behavior continues, the eventual impact will only grow.

In the same way, balancing online and offline life, behaving in appropriate ways online at home and work, “surfing your values” and forming intentional good habits in cyberspace will lead to personal and professional success and enable the many good possibilities in our careers.

Next time, I’ll provide more specific online examples and explore the concept of online accountability further.

What are your thoughts on cyberethics? How does your business balance the people, process and technology aspects of cybersecurity?

During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.

He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.

He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.

Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.

He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.

Dan Lohrmann

Building effective virtual government requires new ideas, innovative thinking and hard work. From cybersecurity to cloud computing to mobile devices, Dan discusses what’s hot and what works in the world of gov tech.